Denial-of-Service Vulnerability in SICK MultiScan and picoScan Products
CVE-2025-32472

5.3MEDIUM

Key Information:

Vendor
Sick Ag
Status
Sick Multiscan1xx
Sick Picoscan1xx
Vendor
CVE Published:
28 April 2025

Summary

The multiScan and picoScan products by SICK are susceptible to a denial-of-service attack, allowing a remote attacker to exploit this vulnerability by executing a Slowloris-type attack. This effort can disrupt the service and render the web page unresponsive, potentially affecting normal operations.

Affected Version(s)

SICK multiScan1XX all versions

SICK picoScan1XX all versions

References

https://sick.com/psirt
x_SICK PSIRT Website
https://cdn.sick.com/media/docs/1/11/411/Special_informat...
x_SICK Operating Guidelines
https://www.cisa.gov/resources-tools/resources/ics-recomm...
x_ICS-CERT

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.